<?php
/**
 * Copyright (c) 2006, PORTALIER Julien
 *
 * Licensed under The LGPL License
 * Redistributions of files must retain the above copyright notice.
 *
 * @package      FeatherCMS
 * @subpackage   Filer
 * @copyright    Copyright (c) 2006, Julien PORTALIER
 * @link         http://julien.portalier.com
 * @license      http://www.opensource.org/licenses/lgpl-license.php The LGPL License
 */

class FilerController extends Controller
{
	public $layout = 'empty';
	
	function index()
	{
		$path = func_get_args();
		$path = $this->__path($path);
		$this->__checkAccess($path, 'read');
		
		$this->data = $this->Filer->ls($path);
		
		if (!$this->data)
			$this->session->setFlash($this->Filer->error);
	}
	
	function mkdir()
	{
		$path = func_get_args();
		$path = $this->__path($path);
		$this->__checkAccess($path);
		
		if (isset($this->data['folder']))
		{
			$path .= '';
			if ($this->Filer->mkdir($path.DS.$this->data['folder']))
				$this->flash(_("The folder has been created."), $this->__url("$path/{$this->data['folder']}"));
			
			$this->flash(s_("Oops, an error has occured: %s", $this->Filer->error), $this->__url($path));
		}
	}
	
	function upload()
	{
		$path = func_get_args();
		$path = $this->__path($path);
		$this->__checkAccess($path);
		
		if (isPost())
		{
			Loader::libs('file_upload');
			$upload   = new FileUpload;
			$rs = $upload->saveMany('item', $path, false);
			
			$this->flash(
				($rs === true) ? _("Uploaded files have been saved.") : $rs,
				$this->__url($path)
			);
		}
	}
	
	function rename()
	{
		$old = $this->__path($this->data['old_path']);
		$new = $this->__path($this->data['new_path']);;
		
		$this->__checkAccess($old);
		if ($old != $new)
			$this->__checkAccess($new);
		
		if ($this->Filer->rename($old, $new))
			$this->session->setFlash(_("The file has been renamed."));
		else
			$this->session->setFlash(s_("Oops, an error has occured: %s", $this->Filer->error));
		
		$this->redirect($this->__url(dirname($new)));
	}
	
	function delete()
	{
		$path = func_get_args();
		$path = $this->__path($path);
		$this->__checkAccess($path, 'delete');
		
		if ($this->Filer->rm($path))
			$this->session->setFlash(_("The file or directory has been deleted."));
		else
			$this->session->setFlash(s_("Oops, an error has occured: %s", $this->Filer->error));
		
		$this->redirect($this->__url(dirname($path)));
	}
	
	protected function __path($args)
	{
		// creates path and secures it
		$path = is_array($args) ? implode(DS, $args) : $args;
		$path = str_replace('..', '', $path);
		
		// uniforms path
		$path = preg_replace(':^/|/$:', '', $path);
		
		$this->set('path', $path);
		return $path;
	}
	
	protected function __checkAccess($path, $action='write')
	{
		do
		{
			$rs = $this->acl->check("Filer.$path", null, $action);
			if ($rs !== null)
				return $rs;
			
			$path = dirname($path);
		}
		while (!empty($path) and $path != '.' and $path != '/');
		
		$this->session->setFlash('Permission denied.');
		$this->render('denied');
		exit;
	}
	
	protected function __url($path, $chroot=null)
	{
		if (is_null($chroot) and isset($this->params['url']['chroot']))
			$chroot = $this->params['url']['chroot'];
		
		$url = "/filer/index/$path";
		
		if (!empty($chroot))
			$url .= "?chroot=$chroot";
		
		return $url;
	}
}
?>